How Can Go 1.6's Built-in Vendoring Mechanism Simplify Dependency Management?

How to Use Vendor in Go 1.6

Go 1.6 introduced a built-in vendoring mechanism that simplifies dependency management. With vendoring, dependencies are included directly in the project's directory, allowing for offline building and more granular control over specific versions.

Using the ./vendor Folder

To use ./vendor, first copy the desired dependencies from your $GOPATH/src into the vendor folder. For example, if you want to use GitHub's [goji](https://github.com/zenazn/goji) routing package:

mkdir -p $GOPATH/src/your-project/vendor/github.com/zenazn/goji
cp -r $GOPATH/src/github.com/zenazn/goji/ $GOPATH/src/your-project/vendor/github.com/zenazn/goji

Once the dependencies are copied, Go tools like go build and go run will automatically check ./vendor first for the required packages. If not found, they will fall back to the standard $GOPATH/src directory.

Using Dependency Management Tools

While manual copying of dependencies is viable for small projects, dependency management tools offer a convenient way to install and manage dependencies from the vendor folder. Two popular options are:

• [godep](https://github.com/tools/godep)
• [govendor](https://github.com/kardianos/govendor)

These tools inspect your project, identify its dependencies, and copy them from $GOPATH/src to the current directory's vendor folder. For example, with Godep:

godep save ./...

Selective Vendoring

Vendoring allows you to selectively include only specific dependencies in the vendor folder. This approach ensures that you lock in the necessary packages to a specific version while allowing others to be updated through go get.

Benefits of Selective Vendoring

• Version Control: Locks in dependencies to ensure consistent builds in production.
• Selective Updates: Allows for targeted updates without interrupting other dependencies.

Overusing Dependency Management

While dependency management is essential, it's important to avoid overusing it. Blanketly vendoring all dependencies can hinder regular updates and potentially introduce unnecessary risk.

The above is the detailed content of How Can Go 1.6's Built-in Vendoring Mechanism Simplify Dependency Management?. For more information, please follow other related articles on the PHP Chinese website!